1### trade-in mode 2 3type tradeinmode, domain, coredomain; 4type tradeinmode_exec, exec_type, file_type, system_file_type; 5 6allow tradeinmode adbd_tradeinmode:fd use; 7allow tradeinmode adbd_tradeinmode:unix_stream_socket { read write ioctl }; 8 9# Allow running from normal shell. 10allow tradeinmode { adbd shell }:fd use; 11allow tradeinmode adbd:unix_stream_socket { read write ioctl }; 12 13allow tradeinmode devpts:chr_file rw_file_perms; 14 15# Allow executing am/content without a domain transition. 16allow tradeinmode system_file:file rx_file_perms; 17allow tradeinmode zygote_exec:file rx_file_perms; 18allow tradeinmode apex_info_file:file r_file_perms; 19 20allow tradeinmode activity_service:service_manager find; 21 22get_prop(tradeinmode, odsign_prop) 23get_prop(tradeinmode, build_attestation_prop) 24get_prop(tradeinmode, adbd_tradeinmode_prop) 25 26# Needed to start activities through "am". 27binder_call(tradeinmode, system_server) 28binder_call(tradeinmode, servicemanager) 29 30# Needed to run "content". 31binder_call(tradeinmode, platform_app) 32